Apple has released emergency security updates for various devices, including iPhones, iPads, Macs, Apple Watch, Apple TV and Safari. These updates fix several security vulnerabilities, including a zero-day bug actively exploited in the wild.
The specific vulnerability, tracked as CVE-2023-38606, affects the kernel and could allow a malicious application to modify sensitive kernel state. Apple has addressed this issue with improved state management. The company is aware that this bug has been actively exploited against iOS versions released prior to iOS 15.7.
This is the third vulnerability linked to Operation Triangle, an advanced cyberespionage campaign targeting iOS devices since 2019. Two other zero-days, CVE-2023-32434 and CVE-2023-32435, were patched by Apple the previous month.
Security updates are available for a variety of iOS and iPadOS devices, including:
- iPhone 8 and later,
- iPad Pro (all models),
- iPad Air 3rd generation and later,
- iPad 5th generation and later, and
- iPad mini 5th generation and later.
Also covered are:
- Apple TV 4K (all models) and Apple TV HD,
- Apple Watch Series 4 and later,
- macOS Ventura 13.5,
- macOS Monterey 12.6.8, and
- macOS Big Sur 11.7.9.
With this latest release, Apple has addressed a total of 11 zero-day vulnerabilities affecting its software since the beginning of 2023.
This update follows the company’s emergency fixes two weeks ago for an actively exploited bug in WebKit that could lead to arbitrary code execution (CVE-2023-37450).
In this context, it is recommended to update to the versions in which the vulnerability is fixed, so as not to become the target of attacks that exploit it.
Operation Triangle
Security experts have uncovered an advanced, targeted cyberattack that leverages Apple’s mobile devices. The attack, named “Triangulation,” is aimed at planting covert spyware into the iPhones of employees of certain companies, including middle and top management personnel.
The cyberattack employs an invisible iMessage carrying a malicious attachment. Utilizing multiple vulnerabilities within the iOS operating system, the attachment is executed on the device, stealthily installing the spyware. This occurs without the need for user action. Once in place, the spyware discreetly relays sensitive data back to remote servers, including microphone recordings, instant messenger photos, geolocation, and other user activity data.